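apiBaseUrl}/cms/login_password";
        $csrfToken = $request->session()->token();

        try {
            $response = Http::withHeaders([
                'X-CSRF-TOKEN' => $csrfToken,
                'Accept' => 'application/json',
            ])->post($url, [
                'username' => $request->input('username'),
                'password' => $request->input('password'),
            ]);

            $data = $response->json();

            // Log the full response for debugging
            Log::info('Login API Response: ', [$data]);

            if ($response->successful() && isset($data['code']) && $data['code'] === 200) {
                if (isset($data['data']) && isset($data['data']['access_token'])) {
                    session(['token' => $data['data']['access_token']]);
                    return redirect()->intended(route('my-profile'));
                } elseif (isset($data['data']['prompt_password'])) {
                    session(['admin_uuid' => $data['data']['admin_uuid']]);
                    return redirect()->route('password.change.form');
                } else {
                    return redirect()->back()->withErrors(['login' => 'Invalid API response or no token received.']);
                }
            }

            return redirect()->back()->withErrors(['login' => $data['message'] ?? 'Login failed.']);
        } catch (\Exception $e) {
            Log::error('Login Exception: ' . $e->getMessage());
            return redirect()->back()->withErrors(['login' => 'Login request failed: ' . $e->getMessage()]);
        }
    }

    /**
     * Show the change password form.
     *
     * The form is only reachable while the session carries `admin_uuid`,
     * which the login flow stores when the API answers with `prompt_password`.
     *
     * @return \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     */
    public function showChangePasswordForm()
    {
        if (session()->has('admin_uuid')) {
            return view('change-password');
        }

        return redirect()->route('login')->withErrors(['error' => 'Unauthorized access']);
    }

    /**
     * Handle change password form submission by calling the API.
     *
     * The account whose password is changed is read from the server-side
     * session, not from the submitted form: a client-supplied `admin_uuid`
     * would let the caller name any administrator as the target.
     *
     * @param  Request  $request  Form submission; only `password` is read from it.
     * @return \Illuminate\Http\RedirectResponse  To the profile page on success,
     *                                            back with errors otherwise.
     */
    public function changePassword(Request $request)
    {
        // Same gate as showChangePasswordForm(): without it the POST route is
        // reachable by anyone holding a session cookie and a CSRF token.
        if (!session()->has('admin_uuid')) {
            return redirect()->route('login')->withErrors(['error' => 'Unauthorized access']);
        }

        $url = "{$this->apiBaseUrl}/cms/login_changePassword";
        $csrfToken = $request->session()->token();

        try {
            // NOTE(review): the browser session's CSRF token is forwarded to the
            // upstream API. Confirm the API really needs it; if not, drop the
            // header so the token stays inside this application.
            $response = Http::withHeaders([
                'X-CSRF-TOKEN' => $csrfToken,
                'Accept' => 'application/json',
                'Authorization' => 'Bearer ' . session('token'),
            ])->post($url, [
                'admin_uuid' => session('admin_uuid'),
                'password' => $request->input('password'),
            ]);

            $data = $response->json();

            // Log only the outcome. The response body can carry a bearer token,
            // which must not end up in application logs.
            Log::info('Change Password API Response: ', [
                'status' => $response->status(),
                'code' => $data['code'] ?? null,
                'message' => $data['message'] ?? null,
            ]);

            if ($response->successful() && isset($data['code']) && $data['code'] === 200) {
                // The API may return the new token under either key.
                $newToken = $data['data']['access_token'] ?? $data['data']['token'] ?? null;
                if ($newToken !== null) {
                    session(['token' => $newToken]);
                }

                session()->forget('admin_uuid');

                // The session changes privilege level here, so issue a fresh
                // session ID to rule out session fixation.
                $request->session()->regenerate();

                return redirect()->route('my-profile')->with('success', $data['message'] ?? 'Password changed successfully');
            }

            return redirect()->back()->withErrors(['error' => $data['message'] ?? 'Failed to change password']);
        } catch (\Exception $e) {
            // Keep the detail in the log; exception text may reveal internal
            // hosts or URLs and is not shown to the user.
            Log::error('Change Password Exception: ' . $e->getMessage());
            return redirect()->back()->withErrors(['error' => 'Password change request failed. Please try again.']);
        }
    }

    /**
     * Handle logout by calling the API.
     *
     * The local session is always terminated, whether or not the upstream
     * logout call succeeds.
     *
     * @param  Request  $request
     * @return \Illuminate\Http\RedirectResponse  To the login page.
     */
    public function logout(Request $request)
    {
        $url = "{$this->apiBaseUrl}/logout_cms";
        $csrfToken = $request->session()->token();

        try {
            Http::withHeaders([
                'X-CSRF-TOKEN' => $csrfToken,
                'Accept' => 'application/json',
                'Authorization' => 'Bearer ' . session('token'),
            ])->post($url);
        } catch (\Exception $e) {
            // Best effort: an unreachable API must not keep the user logged in locally.
            Log::error('Logout Exception: ' . $e->getMessage());
        }

        // invalidate() clears the session data and issues a new session ID;
        // the CSRF token is rotated too, so nothing from the old session stays valid.
        $request->session()->invalidate();
        $request->session()->regenerateToken();

        return redirect()->route('login')->with('success', 'Logged out successfully');
    }
}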